Ok I posted this in software but was told to post here with a DDS log so I have done that.

Aol emails I cant open since I returned from USA 18th Sept . A box comes up saying Internet Explorer has stopped working..it then looks for a solution then comes back and says windows is closing the programme to protect you or something like that.

It does this adhoc while I am on the inter net as well in any prog but mainly aol then the whole page freezes

Also since Sept 18th my camera will not connect to pc so I cant down load my photos

I have utorrent on my pc and someone told me that I should remove it as its prob that but my pc was fine up until I returned from holiday. here is the dds I copied and pasted it not sure how else I was to put it on here

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Spyware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.

Hi Amandaand welcome to Spyware Warrior Forum :

My name is torreattack, and I will be helping you with your malware problems.

I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Remember, absence of symptoms does not mean the infection is all gone.

Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.

Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.

If you can do these things, everything should go smoothly.

If you're using XP, you'll need Administrator privileges to perform the fixes. (XP accounts are Administrator by default)

If you're using Vista or Windows7, it will be necessary to right click all tools we use and select ----> Run as Administrator

Quote:

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

I am currently reviewing your log and will return, as soon as possible, with additional instructions.

Thank you for your patience.
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed

Apologies for the delay. Researching logs is very time consuming and requires a lot of effort. As I am still in training at the Malware Removal University all of my fixes need to be checked and approved by an instructor. My proposed fix for your log is currently being assessed. I will get back to you with instructions as soon as possible.

Sorry,
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed

Backing up is a good practice in case any untoward incidents occur and is a prudent step to prevent data loss.
If you can't backup with the previous method, you can copy all your important files, documents and data to a removable drive/ handy drive/ external drive to backup them.
You should backup your files before proceeding any further.

1. Spyware Warrior - Policy Notification

P2P Warning!IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
uTorrent
Please note whenever you use any form of P2P networking to download files you can anticipate infestations of malware to occur.
P2P file sharing used to be fairly safe. This is no longer true...continue to use P2P sharing ...at your own risk! Keep in mind that this practice may be the source of your current malware infestation.

Click start>> Control Panel >> Under Programs, click on Uninstall a program.

Locate the following program(s): uTorrent

Select the program and click on Uninstall to uninstall it.

However, that choice is up to you.
If you choose NOT to remove these programs...indicate that in your next reply.
If you choose to remove these programs, when finished...run another DDS scan and copy/paste the logs in your next reply.

2. CKScanner
Please download CKScanner ... Save it to your desktop.
Make sure that CKScanner.exe is on your desktop before running the application!

right click on the CKScanner.exe icon and select "run as administrator"... then click the Search For Files button.

When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
A text file will be created on your desktop named "ckfiles.txt"

Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.

Go to Start > Control Panel... click the System icon in the Control Panel.

In the left pane click on System Protection.

When the Dialog comes up, click on the System protection tab.

Check that the drive letter where Windows is located (usually C indicates System protection ON.
(This indicates System restore is turned ON for the Windows drive).

Click the Create button to create a new restore point. In the Name dialog, type Pre Malware Cleanup then click Create.

You will get a message that the Restore Point was created successfully. Click Close.

Click OK and close the System window in the Control Panel.
< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

2. I saw you are playing POKER. I want to remind you about the Online Poker.
Online Poker sites are well known for placing all manner of Internet parasites on their visitors' computers and continue to do so. In a lot of cases, these Poker plugins are also getting installed without your asking for it. You can read Poker gamers targeted by a rootkit backdoor regarding the risk involved with visiting the Poker games web sites.
The safe alternative is Pogo.com.

3. Some of the following programs are outdated, useless or not recommended to keep. Please uninstall them.

Click start>> Control Panel >> Under Programs, click on Uninstall a program.

Select the program above and click on Uninstall to uninstall it.NOTE: Take extra care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

4. RESTART your computer now.

5. Download and run OTL
Please download OTL by Old Timer and save it to your Desktop.

Double click on OTL.exe to run it.

Under Output, ensure that Minimal Output is selected.

Under Extra Registry section, select Use SafeList.

Click the Scan All Users checkbox.

Under Custom Scans/Fixes copy/paste the contents of the code box below.

Oh btw Windows was telling me to download windows 9 so I did I will take all my poker sites off

Keeping your computer up to date is a very good practice. However, updating the computer while we are dealing with malware are not a good decision. Some malware will lock the system files and cause them not able to update. This will makes the problem worst.
Please not update the computer until I give your the all clean message.

please get back to me on the results from the earlier instructions when you are ready.

Thanks for your understanding and cooperation.
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed

When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.Note: The log can also be found on your Desktop entitled SystemLook.txtThis scan can take some time to run so please be patient.

3. Checklist
Please post:

OTL fix log

SystemLook.txt

An update on your problems, any redirection?

note: These logs can be lengthy, so post 1 log per reply please.

Thanks,
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed

Right-click mbam-setup.exe And select " Run as administrator " then follow the prompts to install the program.

At the end, be sure a checkmark is placed next to:
Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-Malware

Then click Finish.

If an update is found, it will download and install the latest version.
Note: If MBAM doesn't return after an update, please start it again.

Once the program has loaded, select Perform Quick Scan, then click Scan.

When the scan is complete, click OK, then Show Results to view the results.

Check all items except items in the C:\System Volume Information folder... and click Remove Selected.Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

When completed, a log will open in Notepad. Please copy and paste the log back into your next reply

4. Checklist
Please post:

Answer about IE

OTL fix log

mbam-log-date (time).txt

An update on your problems

Thanks,
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed

ok so far AOL is fine pictures from camera links up and goes to download and says theres an error cant connect to system and lots of other writing but I cant remember as it closes down too quick..I try to upload again and it wont let me

I ran the Vino thing but it wont save anything on a notepad syas theres an error

This is because the event log is corrupted.

Quote:

ok so far AOL is fine. Pictures from camera links up and goes to download and says theres an error cant connect to system and lots of other writing
but I cant remember as it closes down too quick..I try to upload again and it wont let me

I think it might not be a malware issue. However, let's do a last test before I sent you to computer general help forum.

Quote:

Aol emails I cant open since I returned from USA 18th Sept .

1. In your first post, you said you can't open AOL email. Did it happen only in IE or it happen in all browser (chrome or firefox)? It happen only in AOL website or it happen also to others website?

Note: remember to Uncheck any extra software downloads you may be offered (optional)

4. ESET online scannnerNote: You can use either Internet Explorer or Mozilla FireFox for this scan.Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

First please Disable any Antivirus you have active, as shown in This topic.

Note: Don't forget to re-enable it after the scan.

Next hold down Control then click on the following link to open a new window to ESET online scannner

Then click on Run ESET Online Scanner

Quote:

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

Select the option YES, I accept the Terms of Use then click on Start.

When prompted allow the Add-On/Active X to install.

Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

Now click on Advanced Settings and select the following:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Now click on Start.

The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the Online Scan will begin automatically.

Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

Now click on Finish.

Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

Copy and paste that log as a reply to this topic.

5. Checklist
Please post:

Answer about AOL email

Eset online scanning result

Thanks,
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed

I am not sure which version of antivirus that you have. If these instructions not matched with your, please go to the file menu of the antivirus and choose HELP > ABOUT.
Your can write down the version of your antivirus from there and post back to me.

1. HOW TO TURN OFF AD-WATCH in Ad-Aware 2007 or Ad-Aware 2008

Right-click on the Ad-Watch icon in the system tray (located down by the system clock for most configurations)

Choose *Settings* from the dropdown menu

Under the *General Settings* tab turn OFF (red x) the option to &quot;Load Ad-Watch at Startup&quot; (if enabled)

Click on the *Status* button in the left hand menu

Turn OFF (red x) the option for *Regshield*

Close that window, then right-click on the Ad-Watch icon shield again down in the system tray next to the clock.

Choose *Turn off Ad-Watch* from the drop menu

Ad-Watch should now be closed and no longer appear in the system tray.
When you are done with the cleaning process, please remember to turn back ON your Ad-Watch settings and preferences as before.

2. Disable McAfee Antivirus

Please navigate to the system tray on the bottom right hand corner and look for a sign.

right-click the McAfee system tray icon... chose Exit from the available option.

Click on Yes...at the prompt warning that protection will be disabled. This will disable the Antivirus guard.

4. ESET online scannnerNote: You can use either Internet Explorer or Mozilla FireFox for this scan.Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

Select the option YES, I accept the Terms of Use then click on Start.

When prompted allow the Add-On/Active X to install.

Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

Now click on Advanced Settings and select the following:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Now click on Start.

The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the Online Scan will begin automatically.

Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

Now click on Finish.

Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

Copy and paste that log as a reply to this topic.

5. Checklist
Please post:

The name and version of antivirus that you have right now.

Eset online scanning result

Thanks,
torreattack_________________Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed